John Plocher wrote: > Member names must be between 3 and eight characters long and > start with a letter. The allowed characters are lowercase letters, > numbers, period, underline and hyphen. > > What about our European friends who have punctuated names, or > those in Asia whose names use more than the 26 lower case ascii > characters? > Good Old Garret D'Amore comes to mind, as do Jörg and the folks > in Asia....
The member names have to map onto Solaris login names, because they are used when you connect via SSH to do a Mercurial or Subversion operation. Solaris login names are limited to 8 characters, we have to pass that restriction through. There isn't anything we can do about it. > Localization and internationalization should include this sort > of stuff as well... Everything else is i18n'd - for example JimG registered with his full name in Japanese. > Passwords must be between six and twenty characters long and > must contain at least two letters and at least one number or > punctuation character. > > Why "yet another password construction policy"? What if my pass > phrase is longer, or uses non-alphanumeric and non-punctuation > characters? Other sites analyze the entered password and inform > the user of its strength factor rather than forcing everyone to > use a single arbitrary site-specific scheme. That's inherited from the existing application, we will be migrating accounts from there so it seemed reasonable to keep the rules the same. The 'test your strength' password schemes just apply the same rules behind the scenes, all we are doing is making the rules explicit. > Security Questions > > The "default" should be "PICK ONE" rather than the first question > on the list. Or just blank - all the existing accounts don't have questions defined in any case, so I agree we need some way of indicating that. > If you can't read the words, press the "Get a new challenge" > button to the right of the words. > > There is no such button. Instead, there are three graphical > images, one of which has ALT TEXT that contains that phrase, > The above text implies that those images are ineffectual :-) > > Instead, explicitly put the link in the instructions: > If you can't read the words, press [HREF'd IMG] to Get a new challenge. Unfortunately you can't. The entire reCAPTCHA widget is generated by a (reCAPTCHA supplied) Javascript library that makes a call to the reCAPTCHA server to build the CAPTCHA, and then inserts the widget dynamically into document. I did toy with not putting anything at all, but ocassionally reCAPTCHA provides unreadable images, I wanted to give some sort of hint that you could generate a different challenge. Thanks for the feedback, -- Alan Burlison -- _______________________________________________ website-discuss mailing list [email protected]
